#HITB2012KUL D2T3 - 'OPEN BOTTLE' - Security Industry Panel Discussion

A last minute open panel discussion slotted in to replace the PEDA talk by Thanh Nguyen and Long Le of VNSECURITY which had to unfortunately be cancelled. Featuring (L-R): Rodrigo 'bsdaemon' Branco, Ben Nagy, The Grugq, Saumil Shah (who joined the discussion in the second half), Marc 'van hauser' Heuse and Felix 'FX' Lindner . ABOUT RODRIGO RUBIRA BRANCO Rodrigo Rubira Branco (BSDaemon) is the Director of Vulnerability & Malware Research at Qualys. In 2011 he was honored as one of the top contributors to Adobe Vulnerabilities in the past 12 months. Previously, as the Chief Security Research at Check Point he founded the Vulnerability Discovery Team (VDT) and released dozens of vulnerabilities in many important software. Previous to that, he worked as Senior Vulnerability Researcher in COSEINC, as Principal Security Researcher at Scanit and as Staff Software Engineer in the IBM Advanced Linux Response Team (ALRT) also working in the IBM Toolchain (Debugging) Team for PowerPC Architecture. He is a member of the RISE Security Group and is the organizer of Hackers to Hackers Conference (H2HC), the oldest security research conference in Latin America. ABOUT BEN NAGY Ben Nagy is a senior security researcher with COSEINC, and recently moved from Kuala Lumpur to hack with a view of the mountains in Kathmandu. For over a year he has been exploring ways to improve fuzzing scalability, especially against complex, closed source targets like Windows and Office. Previously working on liver destruction with eEye in Geneva and Bangkok, Ben has written whitepapers on a number of subjects and presented at conferences in Europe, Asia and Australia. Ben is probably that guy over there drinking beer and talking about Ruby. ABOUT THE GRUGQ A licensed manicurist by trade, the grugq rose from the ranks of the PLA's gold farming division to become one of the lead clicky-clicky technologists within the offensive cyber sphere. Currently under the patronage of the Asian Godfather of Hacking, living an austere existence as a practicing Buddhist monk in the mountains of Bangkok, The Grugq continues to advance the art of hiding things from the authorities. ABOUT SAUMIL SHAH Saumil continues to lead the efforts in e-commerce security research and product development at Net-Square. His focus is on researching vulnerabilities with various e-commerce and web based application systems, system architecture for Net-Square's tools and products, and developing short term training programmes. Saumil also provides information security consulting services to Net-Square clients, specializing in ethical hacking and security architecture. He holds a designation of Certified Information Systems Security Professional. Saumil has had more than nine years experience with system administration, network architecture, integrating heterogenous platforms, and information security and has perfomed numerous ethical hacking exercises for many significant companies in the IT area. Saumil is a regular speaker and trainer at security conferences such as BlackHat, RSA, etc. ABOUT VAN HAUSER Marc "van Hauser" Heuse is performing security research since 1993, having found vulnerabilities in software like firewalls, DNS servers, SAP middleware, etc. and is the author of various well known security and pentest tools like hydra, amap, THC-Scan, secure_delete, SuSEFirewall and many more. He is performing security research on IPv6 since 2005 and has spoken on many conferences on this topic since then, among these are the CCC congress (Germany), Cansecwest (Canada), PacSec (Japan) and many more international conferences, and additionally has programmed the solely available pentest toolkit for ipv6: the thc-ipv6 protocol attack suite. In 1995 he founded the renowned security research group "The Hacker's Choice", which was the first group to e.g. crack A5 GSM in 2006 within a minute. Since 1997 he is working as a security consultant in the top-5 enterprise consultant companies, since 2007 he is working as an independant security consultant. ABOUT FELIX 'FX' LINDNER FX is the leader of the Phenoelit group and loves to hack pretty much everything with a CPU and some communication, preferably networked. He looks back at around fifteen years of (legal) hacking with only a couple Cisco IOS and SAP remote exploits, tools for hacking HP printers and protocol attacks lining the road. In his day life, Felix 'FX' Lindner runs Recurity Labs GmbH, a security consulting and research company in Berlin, Germany.